[Openstack] Openstack Kilo Vxlan tunnel single NIC setup
Amir Huskić
amir.huskic at gmail.com
Thu Nov 12 08:36:13 UTC 2015
Thank you all for suggestions and sorry for late answer. Now I have PC with
two interfaces; eth0 for br-ex (LAN) and eth1 for vxlan/gre tunnel
interface. Br-ex is working fine and also I can ping and access VM using
floating IP. But still facing issue with vxlan/gre tunnels. Vxlan/gre port
is not created on br-tun.
As I already wrote I'm trying to enable L2 connectivity between VMs running
on single node Openstack Kilo instalation (Devstack) and external Linux
host using vxlan/gre tunnel. Since there are now two NICs I'll open new
thread.
Regards,
Amir
On Mon, Oct 19, 2015 at 12:36 PM, Akash Gunjal <akgunjal at in.ibm.com> wrote:
> Hi Amir,
>
> One point to check is the security rules set in your controller. Check if
> you have set the ingress/egress rules set for ICMP protocol (ping) which
> will otherwise block traffic from external hosts to the tenant VM.
>
> Regards,
> Akash
>
> [image: Inactive hide details for yatin kumbhare ---10/19/2015 03:56:22
> PM---Hi Amir, Not quite sure, as I haven't tried such a thing.]yatin
> kumbhare ---10/19/2015 03:56:22 PM---Hi Amir, Not quite sure, as I haven't
> tried such a thing.
>
> From: yatin kumbhare <yatinkumbhare at gmail.com>
> To: Amir Huskić <amir.huskic at gmail.com>
> Cc: "openstack at lists.openstack.org" <openstack at lists.openstack.org>
> Date: 10/19/2015 03:56 PM
> Subject: Re: [Openstack] Openstack Kilo Vxlan tunnel single NIC setup
> ------------------------------
>
>
>
> Hi Amir,
>
> Not quite sure, as I haven't tried such a thing.
>
> but IMHO, you might require l2-gateway.
>
> Kind of this: *https://www.youtube.com/watch?v=74Wfr4myf5k*
> <https://www.youtube.com/watch?v=74Wfr4myf5k>
>
> Regards,
> Yatin
>
> On Mon, Oct 19, 2015 at 4:35 AM, Amir Huskić <*amir.huskic at gmail.com*
> <amir.huskic at gmail.com>> wrote:
>
> Hello James,
>
> I use underscores in ml2 config file as You suggested. Also made some
> changes in config file. Here is available:
> *https://www.dropbox.com/s/fuzwiyuyfngyyl2/ml2_conf.ini?dl=0*
> <https://www.dropbox.com/s/fuzwiyuyfngyyl2/ml2_conf.ini?dl=0>
>
> Summary:
> - can ping from OS host to external gw and external linux host
> - can ping from tenant VM to external gw and external linux host
> - can't ping OS host and tenant VM floating IP from external linux host
> - tcpdump on br-ex and eth0 interface is showing arp request during
> ping request from linux external host using vxlan segment
>
> For additional info please check info from CLI screen here:
> *https://www.dropbox.com/s/fv5hen4jbo6fmby/CLI_debug.txt?dl=0*
> <https://www.dropbox.com/s/fv5hen4jbo6fmby/CLI_debug.txt?dl=0>
>
> Accidently I deleted symbolic link in log files pointing to agent log.
> Unfortunately I don't know how to create it again with proper permissions.
> I tried with chmod and chown using reference command but without much
> success.
>
> lrwxrwxrwx 1 amir amir 43 Sep 19 15:26 screen-n-sch.log ->
> /opt/stack/logs/n-sch.log.2015-09-19-150746
> * -rw-r--r-- 1 amir amir 245730291 Okt 18 14:00 screen-q-agt.log*
> lrwxrwxrwx 1 amir amir 44 Sep 19 15:25 screen-q-dhcp.log ->
> /opt/stack/logs/q-dhcp.log.2015-09-19-150746
>
>
> Thank you for your help and time.
>
> Kind regards,
> Amir
>
>
> On Wed, Oct 14, 2015 at 4:06 PM, James Denton <
> *james.denton at rackspace.com* <james.denton at rackspace.com>> wrote:
> Hi Amir,
>
> A couple of recommendations:
>
> - Your vxlan_group setting has an extra dot at the end that may be
> causing issues:
> [ml2_type_vxlan]
> vxlan_group = 239.0.0.0.
> - Your [OVS] block has some incorrect options. Use underscores rather
> than spaces:
> [ovs]
> bridge_mappings = public:br-ex
> local_ip = 192.168.100.100
> vxlan_udp_port = 8472
> tunnel type = vxlan
> tunnel id ranges = 1001:2000
> tenant network type = vxlan
> enable tunneling = true
> - Same goes for [agent] as well:
> [agent]
> tunnel_types = vxlan
> root_helper_daemon = sudo /usr/local/bin/neutron-rootwrap-daemon
> /etc/neutron/rootwrap.conf
> root_helper = sudo /usr/local/bin/neutron-rootwrap
> /etc/neutron/rootwrap.conf
> #tunnel_types = vxlan
> vxlan_udp_port = 8472
> l2 population = false
> Start by correcting those issues and restart the OVS agents across
> your hosts. The agent log may be of help here as well.
>
> James
> On Oct 14, 2015, at 2:38 AM, Amir Huskić <*amir.huskic at gmail.com*
> <amir.huskic at gmail.com>> wrote:
>
> Hello,
>
> there is also my ml2_conf.ini file:
> *https://dl.dropboxusercontent.com/u/4298410/ml2_conf.ini*
> <https://dl.dropboxusercontent.com/u/4298410/ml2_conf.ini>
>
> Could problem be related to single NIC installation? Is it
> possible to have same interface for bridge mappings and also for tunnel
> bridge? Example below:
>
> bridge_mappings = public:br-ex
> integration bridge = br-int
> tunnel bridge = br-ex
>
> Thank you.
> Regards,
> Amir
>
>
> On Mon, Oct 12, 2015 at 3:53 PM, Amir Huskić <
> *amir.huskic at gmail.com* <amir.huskic at gmail.com>> wrote:
> Hi all,
>
> I'm trying to setup up Openstack test lab.
>
> I deployed Openstack Kilo (Devstack) on PC running Ubuntu LTS
> 14.02 with single NIC.
> Tenants are isolated with vxlan networks. I can ping from VMs
> to external network PCs, SSH login from external PCs to tenants VMs
> floating IP address, etc.
>
> I would like also to connect tenant VMs to external network
> physical Linux host using vxlan tunnel and have L2 connectivity between VM
> and physical Linux host over L3 network.
>
> Vxlan interface on Linux physical host is up and running.
> When I am trying to ping from Linux physical host to Openstack VM (not
> floating IP) using same subnet L2 address (example ping from 192.168.10.10
> to 192.168.10.11) UDP packets on port 8472 are coming to Openstack br-ex
> interface with ARP request.
>
> Problem is that I can't setup vxlan tunnel on Openstack.
> Command "sudo ovs-vsctl show" doesn't show any vxlan tunnels.
> Also when I try to ping from VM to Linux host using L2 IP
> address (ping from 192.168.10.11 to 192.168.10.10) tcpdump on br-ex doesn't
> show anything.
>
> My ml2_conf.ini files is configured following this guide:
> *http://www.opencloudblog.com/?p=300*
> <http://www.opencloudblog.com/?p=300>
>
> Thanks in advance for your help,
>
> Regards,
> Amir
>
> _______________________________________________
> Mailing list:
> *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack*
> <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack>
> Post to : *openstack at lists.openstack.org*
> <openstack at lists.openstack.org>
> Unsubscribe :
> *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack*
> <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack>
>
>
>
> _______________________________________________
> Mailing list:
> *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack*
> <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack>
> Post to : *openstack at lists.openstack.org*
> <openstack at lists.openstack.org>
> Unsubscribe :
> *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack*
> <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack>
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151112/1ae61847/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ecblank.gif
Type: image/gif
Size: 45 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151112/1ae61847/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151112/1ae61847/attachment-0001.gif>
More information about the Openstack
mailing list